Comcast to adopt Web security protocol

Security of the Internet and the security of user information on the Internet have become significantly sharper concerns since Google announced itself the target of hostile hacks in December. Comcast addressed the issue of security on its corporate blog today, discussing its testing of, and advocacy for, DNS Security extensions (DNSSEC).

Various commercial organizations have been under ongoing hacker attack for more than a year. Google is one of the only companies to publicly acknowledge the fact, but there have been reports that companies in nearly every sector, including oil exploration, high tech and financial services, have been hacked.

Yesterday, the Federal Trade Commission said it had sent notifications to 100 different U.S. organizations, including schools, banks and corporations, letting them know that their data has been breached and is actually available on peer-to-peer file-sharing networks.

Experts believe there are multiple threats, some from organized crime, and some, if not directly from foreign governments, at least with the complicity of foreign governments. The aims of different attacks therefore vary, from outright theft to espionage.

Comcast is addressing one of the commercial elements of cyber attacks. In its blog entry[1], it said that by early next year it intends to implement DNSSEC, a means to protect domain information so that ISPs can validate and make sure nothing has been tampered with.

“This prevents hackers from injecting false information (aka DNS ‘poisoning’) that re-directs you to a fake or nefarious site. The process needed to secure domains, as well as validate them, is very complex, and that is why we are taking time over the next year to make sure everything works,” the entry says.

Comcast said it will implement DNSSEC for Comcast.com, Comcast.net and Xfinity.com by the first quarter of 2011, if not sooner. The company said it plans to implement DNSSEC validation for all of its customers by the end of 2011.